[drupal-support] Installation issues

[puregin]

Torgeir,

     please take some time to study MySQL installation.   Unfortunately,
carelessness here can lead to serious security vulnerabilities in your
installation.   Time spent here can save many hours of frustration,
your data, and more.

     I find that the documentation at http://www.mysql.com is pretty 
good.

     Generally, if you use MySQL for Drupal *ONLY*, you should configure
your installation so that MySQL is not accessible except from the
localhost (assuming Drupal,  MySQL and webserver all on the same 
machine)

     This requires the proper configuration of the MySQL users table,
MySQL server configuration, firewall settings.

      Make sure that you have the most recent version of MySQL installed.

      Make sure that you have a *good* MySQL root password setup.

      From your post,  it sounds  as if you have set up a system account 
'dba_user'.
This is probably a bad idea, if you've done so, it's probably a good 
idea
to remove this account.


On 24 Apr 2005, at 1:57 PM, Alejandro Exojo wrote:

> El Domingo, 24 de Abril de 2005 21:43, Eric Scouten escribió:
>> If you've been given a username and password by someone else who runs
>> the MySQL server, you *must* put a space between the -u and the user
>> name and you must *not* put a space between the -p and the password.
>> (Yes, I know this is confusing.) Thus:
>>
>>     $ mysql -u whoami -psecret drupal
>
> I really discourage this. If someone in the machine reads your 
> .bash_history
> (asuming you use bash), or runs px in the machine, can steal your 
> password.
>
> In all mysql versions I've used, running just "-u foo -p" will ask your
> password interactively, solving the problem from above.

> -- 
> Alex (a.k.a. suy) - GPG ID 0x0B8B0BC2
> http://darkshines.net/ - Jabber ID: suy at bulmalug.net
>

Good advice, in general!  Don't type sensitive information on the 
command line.


      Hope this helps.

       Djun

--
puregin at puregin.org